TC Bulletin and Policy Change 10/18/09

[Uli]

Good luck, I'm pretty sure no one has the ability to hack.

To exploit, yeah anyone can do that however most of the time its either luck or so much effort goes into it you finally find a way.

Quote:

Originally Posted by sXeKJB

asking for people to hack/exploit to get the ability to be apart of this team may not be a wise decision, does this include sending DoS attacks?

I'm pretty sure sending DoS attacks, SQL injections etc are not what you really want to do (Well SQL injection i suppose you could but those normally fail unless the people run the server/website/whatever are idiots)

[MarlonB]

Quote:

Originally Posted by Uli

Good luck, I'm pretty sure no one has the ability to hack.

I don't understand your statement?


I was able to give myself unlimited experimentation points using memory hacking for example ... but ... i did report this to Kyle (long time ago), and eventhough he never repsonded to it, he put in an extra check on server side to prevent this from happening.

I also found some queries that didn't have escape strings .. again .. i reported those and they got fixed.

I'm sure given enough time ... more hacks can be found, eventhough so far they have done a really good job at keeping important stuff server side.

[Uli]

Quote:

Originally Posted by MarlonB

I was able to give myself unlimited experimentation points using memory hacking for example

Its more how advanced it goes, working out points and all that is honestly very easy and simple to do, there are a lot of other "hacks" which do not require memory editing and some memory editing are not stored as something as easy to lock onto (Experimentation points you just search the number add another search for new number however not everything works like that)

[MarlonB]

Quote:

Originally Posted by Uli

Its more how advanced it goes, working out points and all that is honestly very easy and simple to do, there are a lot of other "hacks" which do not require memory editing and some memory editing are not stored as something as easy to lock onto (Experimentation points you just search the number add another search for new number however not everything works like that)

Oi ... i got your point ...

However ... in the end most pieces of functionality boil down to numbers in memory and a cmp/jmp we are after ... the hard and creative part is understanding the game and coming up with methods to drill down to these needles in the memory haystack.


In the past i've done more challenging stuff then experimentation points ... think changing models in memory ... bypassing crc checks or editing packets in memory ( not sniffing/editing packets but change them directly in game memory). None of these in EMU though ... searching for the easy stuff first .... plus I know lot's can't be hacked as i have access to the server code ( gotto love open source).


There are indeed several other hacks that do not require memory changes, but those just ain't in my area of interest ... in the end i only do this because it interests me.


I'll wait untill this storm passes and then see how policies are before loading Olly again